Ask Sucuri: How Did My WordPress Website Get Hacked? – A Tutorial
Daniel Cid With the proliferation of Infrastructure and Platform as a Service providers, it is no surprise that a majority of today’s websites are hosting in the…
Browsing Category
WordPress Security
662 posts
WP-CLI Guide: Install WordPress via SSH
Alycia Mitchell This is our fourth post on using WP-CLI to manage WordPress securely over SSH. In our first post we showed you how to connect to…
WP-CLI Guide: Secure Plugin & Theme Management
Welcome to our third post on WP-CLI for secure WordPress management over an SSH command line interface. In our previous two articles, we discussed how…
SweetCAPTCHA Returns Hijacking Another Plugin
Denis Sinegubko Yesterday we observed a strange short return of the SweetCaptcha plugin to WordPress.org repository. In June we reported that SweetCaptcha injected third-party ad code to…
WP-CLI Guide: Secure WordPress Backup and Update
Welcome to our second post in the series on WP-CLI for WordPress management over SSH. In our previous post, we discussed how to get your…
WP-CLI Guide: Connect to WordPress via SSH Intro
Do you use the WordPress dashboard to update plugins and themes? How do you back up your database? If you have not used it yet,…
Common Website Security Terminology Defined
If you want to keep your website safe, it is important to understand the website security terminology used to describe the causes and effects of…
Security Advisory: Object Injection Vulnerability in WooCommerce
Marc-Alexandre Montpas During a routine audit for our WAF, we discovered a dangerous Object Injection vulnerability in WooCommerce which could, in certain contexts, be used by an…
Website Security: How Do Websites Get Hacked?
Tony Perez In 2014, the total number of websites on the internet reached 1 billion. Today it’s hovering somewhere in the neighborhood of 944 million due to…
Fake jQuery Scripts in Nulled WordPress Plugins
We recently investigated some random redirects on a WordPress website that would only happen to certain visitors. Traffic analysis showed us that it was not…
JetPack and TwentyFifteen Vulnerable to DOM-based XSS
David Dede Any WordPress Plugin or theme that leverages the genericons package is vulnerable to a DOM-based Cross-Site Scripting (XSS) vulnerability due to an insecure file included…